Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
File:                     OGKIZa_YpN-v3e-BHvz8ecA4czI.mft (raw, json)
Hash identifier:          4rLnzI7br1rUlQBTg+k01L65r9wA2RXsvCQDhuh+7/M=
Subject key identifier:   4C:7B:F3:2D:05:94:B3:A4:B7:22:8A:03:C4:77:AE:CF:F4:D6:45:8B
Authority key identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32
Certificate issuer:       /CN=38628865afd8a4dfafddef811efcfc79c0387332
Certificate serial:       019611A0E18741640E2A0867E4F49AFB5953
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
Manifest number:          09D2
Signing time:             Mon 07 Apr 2025 19:01:18 +0000
Manifest this update:     Mon 07 Apr 2025 19:01:18 +0000
Manifest next update:     Tue 08 Apr 2025 19:01:18 +0000
Files and hashes:         1: OGKIZa_YpN-v3e-BHvz8ecA4czI.crl (hash: IFtE49os4VIBpQ9pf80q/2NSbNcyuzct/ytv2JY7bGw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 08 Apr 2025 14:28:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:11:a0:e1:87:41:64:0e:2a:08:67:e4:f4:9a:fb:59:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38628865afd8a4dfafddef811efcfc79c0387332
        Validity
            Not Before: Apr  7 19:01:18 2025 GMT
            Not After : Apr  8 19:01:18 2025 GMT
        Subject: CN=4c7bf32d0594b3a4b7228a03c477aecff4d6458b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:9f:a1:26:04:b3:67:8f:fd:c8:7c:86:22:4b:
                    b7:09:85:62:0e:01:42:00:75:a8:aa:16:60:07:d4:
                    56:74:80:17:ac:ad:25:a7:92:13:9d:9d:74:b4:7d:
                    9e:8d:b7:ee:23:d3:8a:84:75:ae:49:6b:1d:e9:c7:
                    52:32:c1:1a:51:14:d6:23:97:0d:24:8e:3b:5c:ef:
                    d4:e8:2e:de:26:3d:30:3a:12:89:88:5d:95:25:96:
                    a6:43:77:c0:db:b2:26:63:61:42:91:18:17:9b:be:
                    dd:03:e0:ea:60:c8:ad:a1:ee:9f:b2:9d:66:e3:7a:
                    93:1f:65:43:30:8e:bd:42:f9:66:9f:59:85:e0:05:
                    58:74:18:eb:a7:42:06:c5:bb:f7:48:5b:05:22:04:
                    66:38:fe:63:97:0a:fc:87:ec:0e:bf:56:a7:16:da:
                    66:61:a1:88:68:24:fc:8c:f3:90:12:9a:79:20:0b:
                    01:82:47:25:0e:20:e8:e7:b7:b5:c1:32:de:b6:b5:
                    c3:ae:11:9e:0f:64:63:44:12:cd:e9:1b:67:99:b1:
                    44:95:f7:98:f4:5f:1e:22:ea:8f:b5:a2:cd:0c:91:
                    cd:cb:5d:89:d4:9d:e2:e1:24:0a:84:89:f0:17:37:
                    12:9b:6c:0e:90:d2:2a:85:53:bd:18:8a:5c:40:f7:
                    0a:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:7B:F3:2D:05:94:B3:A4:B7:22:8A:03:C4:77:AE:CF:F4:D6:45:8B
            X509v3 Authority Key Identifier:
                keyid:38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:fb:a2:05:64:6b:ff:59:25:99:2a:1f:f6:18:44:21:2e:c2:
         8d:6e:f2:60:e5:2d:c1:a7:2e:9f:ff:8f:db:a2:1e:78:fe:94:
         d2:ba:35:3a:a1:7b:b4:29:d2:5c:e7:24:9b:0c:1e:16:8e:4c:
         7f:08:d5:e2:7e:50:14:ca:da:9b:74:5c:9f:2e:0a:8d:f1:ce:
         02:54:01:80:80:38:1c:ad:71:cf:d1:fa:6b:58:ea:57:21:1b:
         ee:ad:48:7d:64:54:ce:dc:e4:4d:16:eb:7c:a3:84:44:17:1b:
         ce:5d:7e:84:12:c7:36:08:d7:14:6e:f6:42:e7:44:ec:b8:4e:
         40:56:fc:d3:0b:69:c6:bc:9c:76:6e:a9:2e:5c:85:2e:0a:e1:
         61:90:4b:ee:e3:e9:85:34:05:7a:79:84:b4:17:b1:31:db:b6:
         a7:f8:34:5e:3f:a0:70:d0:a1:b4:91:b1:72:28:99:0f:cb:0a:
         85:63:59:2a:d4:e7:04:e0:df:32:cc:7d:e4:7f:17:af:48:2f:
         e9:9c:c1:3d:df:46:86:c9:ea:ba:1f:07:12:8a:dc:d8:bd:70:
         ef:d9:ca:22:45:7c:97:69:15:5a:98:05:80:c1:82:35:54:0d:
         52:3c:56:43:e7:80:68:ca:9b:98:85:9b:95:ac:86:54:19:59:
         25:ad:cd:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZYRoOGHQWQOKghn5PSa+1lTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjI4ODY1YWZkOGE0ZGZhZmRkZWY4MTFlZmNmYzc5YzAz
ODczMzIwHhcNMjUwNDA3MTkwMTE4WhcNMjUwNDA4MTkwMTE4WjAzMTEwLwYDVQQD
Eyg0YzdiZjMyZDA1OTRiM2E0YjcyMjhhMDNjNDc3YWVjZmY0ZDY0NThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp+hJgSzZ4/9yHyGIku3CYViDgFC
AHWoqhZgB9RWdIAXrK0lp5ITnZ10tH2ejbfuI9OKhHWuSWsd6cdSMsEaURTWI5cN
JI47XO/U6C7eJj0wOhKJiF2VJZamQ3fA27ImY2FCkRgXm77dA+DqYMitoe6fsp1m
43qTH2VDMI69Qvlmn1mF4AVYdBjrp0IGxbv3SFsFIgRmOP5jlwr8h+wOv1anFtpm
YaGIaCT8jPOQEpp5IAsBgkclDiDo57e1wTLetrXDrhGeD2RjRBLN6RtnmbFElfeY
9F8eIuqPtaLNDJHNy12J1J3i4SQKhInwFzcSm2wOkNIqhVO9GIpcQPcKhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEx78y0FlLOktyKKA8R3rs/01kWLMB8GA1UdIwQY
MBaAFDhiiGWv2KTfr93vgR78/HnAOHMyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUt
ZGJlZTY2ZDczMzEzLzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUtZGJlZTY2ZDczMzEz
LzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYvuiBWRr
/1klmSof9hhEIS7CjW7yYOUtwacun/+P26IeeP6U0ro1OqF7tCnSXOckmwweFo5M
fwjV4n5QFMram3Rcny4KjfHOAlQBgIA4HK1xz9H6a1jqVyEb7q1IfWRUztzkTRbr
fKOERBcbzl1+hBLHNgjXFG72QudE7LhOQFb80wtpxrycdm6pLlyFLgrhYZBL7uPp
hTQFenmEtBexMdu2p/g0Xj+gcNChtJGxciiZD8sKhWNZKtTnBODfMsx95H8Xr0gv
6ZzBPd9Ghsnquh8HEorc2L1w79nKIkV8l2kVWpgFgMGCNVQNUjxWQ+eAaMqbmIWb
layGVBlZJa3NNw==
-----END CERTIFICATE-----